
believe to have picked up sirefef trojan


16 replies to this topic

#1 grim22x7

grim22x7

  • Members
  • 9 posts

Posted 15 July 2012 - 12:48 AM

This morning I was prompted to update Adobe Flash. After it was finished I went about my day without any notable problems. I then got bored and visited "tapiture.com". I then got the error (title bar) "you are about to be logged off" (body) "Windows has encountered a critical problem and will automatically restart in one minute. Please save your work now." It waits the stated minute then immediately shuts down. No flickers or dimming like if I were to shut the system down normally.

It seemed a bit odd; there was no help, no definition. I've seen some weird ones but this is pretty vague. I thought it might be hardware related; diagnostics came back clean. I then uninstalled Flash, purged my temp folders and tried to complete a Spybot S&D scan. Couldn't come up with anything in 11 minutes. At this time I tried running the Trend Micro security only to find that it is a hollow icon sitting in my task bar (yay corporate security suites). I downloaded ESET6 RC (thinking I wouldn't need to activate if I was testing their software, wrong). I could only do about half a scan, which returned some hits for a Sirefef variant. It said they were deleted but even after a restart ESET would find the bug in the same place.

Safe mode. I am able to keep the machine running in safe mode for more than 11 minutes. I am crawling through a sans-GUI ESET scan now. I will run Spybot after that, then maybe run them both again after restarting in safe mode again. Then I will try to roll back to last week and rerun scans.

This is my work laptop. Running Win 7 32-bit. It also has some screwy permissions because of a domain name. Our IT support is young and on vacation (I haven't had vacation since Christmas). If I pass it off to them they are likely to nuke it and call it a day. I will then be out of work for about a week while they cross ship and another few days downloading programs from the server and rebuilding the necessary software library. Don't even have to mention lost data. Which makes my bosses very unpleasant. If none of the above works I am thinking to buy a hard drive enclosure, pull the hard drive and run scans on it that way.

Please help,

Grim

Edited by grim22x7, 15 July 2012 - 12:50 AM.




#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India

Posted 15 July 2012 - 09:38 PM

Download

TDSSKiller

Launch it. Click on Change parameters, then select TDLFS file system.

Click on "Scan". Please post the LOG report (the log file should be in your C drive).

Download

aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on Save log.

Post the log results here.

Download

ESET online scanner

Install it.

Click on START; it should download the virus definitions.
When the scan is completed, click on LIST of found threats.

Export the list to the desktop and copy the contents of the text file into your reply.

#3 grim22x7

grim22x7
  • Topic Starter

  • Members
  • 9 posts

Posted 16 July 2012 - 11:44 AM

Logs are below. I did end up rolling back to a previous restore point, from July 10th. I ran all the scans mentioned above again. I also ran the scans you suggested and have posted the results below. Thanks for the fast response.



08:34:47.0369 4136 amdsbs - ok
08:34:47.0386 4136 amdxata (46387fb17b086d16dea267d5be23a2f2) C:\Windows\system32\drivers\amdxata.sys
08:34:47.0386 4136 amdxata - ok
08:34:47.0418 4136 ApfiltrService (9910a9c7d307a9e156d951248601c33e) C:\Windows\system32\DRIVERS\Apfiltr.sys
08:34:47.0419 4136 ApfiltrService - ok
08:34:47.0445 4136 AppID (aea177f783e20150ace5383ee368da19) C:\Windows\system32\drivers\appid.sys
08:34:47.0446 4136 AppID - ok
08:34:47.0469 4136 AppIDSvc (62a9c86cb6085e20db4823e4e97826f5) C:\Windows\System32\appidsvc.dll
08:34:47.0470 4136 AppIDSvc - ok
08:34:47.0579 4136 Appinfo (fb1959012294d6ad43e5304df65e3c26) C:\Windows\System32\appinfo.dll
08:34:47.0579 4136 Appinfo - ok
08:34:47.0603 4136 AppMgmt (a45d184df6a8803da13a0b329517a64a) C:\Windows\System32\appmgmts.dll
08:34:47.0604 4136 AppMgmt - ok
08:34:47.0627 4136 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
08:34:47.0627 4136 arc - ok
08:34:47.0638 4136 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
08:34:47.0639 4136 arcsas - ok
08:34:47.0658 4136 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
08:34:47.0659 4136 AsyncMac - ok
08:34:47.0678 4136 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\drivers\atapi.sys
08:34:47.0678 4136 atapi - ok
08:34:47.0710 4136 AudioEndpointBuilder (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll
08:34:47.0712 4136 AudioEndpointBuilder - ok
08:34:47.0715 4136 Audiosrv (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll
08:34:47.0717 4136 Audiosrv - ok
08:34:47.0733 4136 AxInstSV (6e30d02aac9cac84f421622e3a2f6178) C:\Windows\System32\AxInstSV.dll
08:34:47.0733 4136 AxInstSV - ok
08:34:47.0763 4136 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
08:34:47.0765 4136 b06bdrv - ok
08:34:47.0805 4136 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
08:34:47.0806 4136 b57nd60x - ok
08:34:47.0831 4136 BCM42RLY (63e991fcb420a3b06e86c58bcfb994bb) C:\Windows\system32\drivers\BCM42RLY.sys
08:34:47.0831 4136 BCM42RLY - ok
08:34:48.0004 4136 BCM43XX (684320e13cff66cbac085654e26ed712) C:\Windows\system32\DRIVERS\bcmwl6.sys
08:34:48.0022 4136 BCM43XX - ok
08:34:48.0118 4136 BDESVC (ee1e9c3bb8228ae423dd38db69128e71) C:\Windows\System32\bdesvc.dll
08:34:48.0119 4136 BDESVC - ok
08:34:48.0159 4136 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
08:34:48.0160 4136 Beep - ok
08:34:48.0196 4136 BFE (1e2bac209d184bb851e1a187d8a29136) C:\Windows\System32\bfe.dll
08:34:48.0199 4136 BFE - ok
08:34:48.0246 4136 BITS (e585445d5021971fae10393f0f1c3961) C:\Windows\System32\qmgr.dll
08:34:48.0250 4136 BITS - ok
08:34:48.0265 4136 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
08:34:48.0265 4136 blbdrive - ok
08:34:48.0288 4136 bowser (8f2da3028d5fcbd1a060a3de64cd6506) C:\Windows\system32\DRIVERS\bowser.sys
08:34:48.0289 4136 bowser - ok
08:34:48.0301 4136 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
08:34:48.0301 4136 BrFiltLo - ok
08:34:48.0306 4136 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
08:34:48.0307 4136 BrFiltUp - ok
08:34:48.0336 4136 Browser (6e11f33d14d020f58d5e02e4d67dfa19) C:\Windows\System32\browser.dll
08:34:48.0337 4136 Browser - ok
08:34:48.0360 4136 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
08:34:48.0361 4136 Brserid - ok
08:34:48.0367 4136 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
08:34:48.0367 4136 BrSerWdm - ok
08:34:48.0376 4136 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
08:34:48.0376 4136 BrUsbMdm - ok
08:34:48.0383 4136 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
08:34:48.0383 4136 BrUsbSer - ok
08:34:48.0397 4136 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
08:34:48.0398 4136 BTHMODEM - ok
08:34:48.0422 4136 bthserv (1df19c96eef6c29d1c3e1a8678e07190) C:\Windows\system32\bthserv.dll
08:34:48.0423 4136 bthserv - ok
08:34:48.0439 4136 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
08:34:48.0439 4136 cdfs - ok
08:34:48.0461 4136 cdrom (be167ed0fdb9c1fa1133953c18d5a6c9) C:\Windows\system32\DRIVERS\cdrom.sys
08:34:48.0461 4136 cdrom - ok
08:34:48.0478 4136 CertPropSvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
08:34:48.0479 4136 CertPropSvc - ok
08:34:48.0494 4136 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
08:34:48.0494 4136 circlass - ok
08:34:48.0516 4136 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
08:34:48.0517 4136 CLFS - ok
08:34:48.0680 4136 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
08:34:48.0681 4136 clr_optimization_v2.0.50727_32 - ok
08:34:48.0727 4136 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
08:34:48.0728 4136 clr_optimization_v4.0.30319_32 - ok
08:34:48.0741 4136 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
08:34:48.0741 4136 CmBatt - ok
08:34:48.0759 4136 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers\cmdide.sys
08:34:48.0760 4136 cmdide - ok
08:34:48.0792 4136 CNG (247b4ce2dab1160cd422d532d5241e1f) C:\Windows\system32\Drivers\cng.sys
08:34:48.0794 4136 CNG - ok
08:34:48.0802 4136 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
08:34:48.0803 4136 Compbatt - ok
08:34:48.0833 4136 CompositeBus (cbe8c58a8579cfe5fccf809e6f114e89) C:\Windows\system32\drivers\CompositeBus.sys
08:34:48.0833 4136 CompositeBus - ok
08:34:48.0835 4136 COMSysApp - ok
08:34:48.0849 4136 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
08:34:48.0850 4136 crcdisk - ok
08:34:48.0970 4136 Credential Vault Host Control Service (3dcb48ebdd33e4d0e1e07f1751d7f767) C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe
08:34:48.0974 4136 Credential Vault Host Control Service - ok
08:34:48.0982 4136 Credential Vault Host Storage (13bb0029f5e24a63f2fb256e04dcf2d0) C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe
08:34:48.0983 4136 Credential Vault Host Storage - ok
08:34:49.0018 4136 CryptSvc (06e771aa596b8761107ab57e99f128d7) C:\Windows\system32\cryptsvc.dll
08:34:49.0020 4136 CryptSvc - ok
08:34:49.0051 4136 CSC (3c2177a897b4ca2788c6fb0c3fd81d4b) C:\Windows\system32\drivers\csc.sys
08:34:49.0053 4136 CSC - ok
08:34:49.0081 4136 CscService (15f93b37f6801943360d9eb42485d5d3) C:\Windows\System32\cscsvc.dll
08:34:49.0084 4136 CscService - ok
08:34:49.0113 4136 CtAudDrv (0f538df1673e5216f3baacb6911d9d0f) C:\Windows\system32\Drivers\CtAudDrv.sys
08:34:49.0113 4136 CtAudDrv - ok
08:34:49.0136 4136 CtClsFlt (aa52c0b88c46d5037809d05dd826c61e) C:\Windows\system32\DRIVERS\CtClsFlt.sys
08:34:49.0137 4136 CtClsFlt - ok
08:34:49.0153 4136 CVirtA (b5ecadf7708960f1818c7fa015f4c239) C:\Windows\system32\DRIVERS\CVirtA.sys
08:34:49.0154 4136 CVirtA - ok
08:34:49.0301 4136 CVPND (66257cb4e4fb69887cddc71663741435) C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
08:34:49.0308 4136 CVPND - ok
08:34:49.0429 4136 CVPNDRVA (18994842386fd3039279d7865740abbd) C:\Windows\system32\Drivers\CVPNDRVA.sys
08:34:49.0430 4136 CVPNDRVA - ok
08:34:49.0450 4136 cvusbdrv (d1697063e2cdb6575aa46d668ffee825) C:\Windows\system32\Drivers\cvusbdrv.sys
08:34:49.0451 4136 cvusbdrv - ok
08:34:49.0476 4136 CxDevice (2cace4b80a4aff1e522afd82b38622cb) C:\Windows\system32\Drivers\CxDevice.sys
08:34:49.0477 4136 CxDevice - ok
08:34:49.0511 4136 DcomLaunch (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
08:34:49.0514 4136 DcomLaunch - ok
08:34:49.0576 4136 dcpsysmgrsvc (658894a9500b789512e7f16c6f3a707d) c:\Program Files\Dell\Dell System Manager\DCPSysMgrSvc.exe
08:34:49.0578 4136 dcpsysmgrsvc - ok
08:34:49.0605 4136 defragsvc (8d6e10a2d9a5eed59562d9b82cf804e1) C:\Windows\System32\defragsvc.dll
08:34:49.0606 4136 defragsvc - ok
08:34:49.0632 4136 DfsC (f024449c97ec1e464aaffda18593db88) C:\Windows\system32\Drivers\dfsc.sys
08:34:49.0632 4136 DfsC - ok
08:34:49.0663 4136 Dhcp (e9e01eb683c132f7fa27cd607b8a2b63) C:\Windows\system32\dhcpcore.dll
08:34:49.0665 4136 Dhcp - ok
08:34:49.0747 4136 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
08:34:49.0748 4136 discache - ok
08:34:49.0773 4136 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
08:34:49.0774 4136 Disk - ok
08:34:49.0805 4136 DNE (b5aa5aa5ac327bd7c1aec0c58f0c1144) C:\Windows\system32\DRIVERS\dne2000.sys
08:34:49.0806 4136 DNE - ok
08:34:50.0092 4136 Dnscache (33ef4861f19a0736b11314aad9ae28d0) C:\Windows\System32\dnsrslvr.dll
08:34:50.0094 4136 Dnscache - ok
08:34:50.0129 4136 dot3svc (366ba8fb4b7bb7435e3b9eacb3843f67) C:\Windows\System32\dot3svc.dll
08:34:50.0131 4136 dot3svc - ok
08:34:50.0165 4136 dpmcslv (0bd72e62c3974c4f5e4372dba971901b) C:\Windows\system32\drivers\dpmcslv.sys
08:34:50.0165 4136 dpmcslv - ok
08:34:51.0122 4136 DPS (8ec04ca86f1d68da9e11952eb85973d6) C:\Windows\system32\dps.dll
08:34:51.0126 4136 DPS - ok
08:34:51.0155 4136 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
08:34:51.0156 4136 drmkaud - ok
08:34:51.0213 4136 DXGKrnl (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers\dxgkrnl.sys
08:34:51.0226 4136 DXGKrnl - ok
08:34:51.0252 4136 e1cexpress (94ad8bae670e55bf646796b56bac53a4) C:\Windows\system32\DRIVERS\e1c6232.sys
08:34:51.0253 4136 e1cexpress - ok
08:34:51.0306 4136 eamonm (8a45015e85a4dce0086b9973f0fd9a20) C:\Windows\system32\DRIVERS\eamonm.sys
08:34:51.0309 4136 eamonm - ok
08:34:51.0335 4136 EapHost (8600142fa91c1b96367d3300ad0f3f3a) C:\Windows\System32\eapsvc.dll
08:34:51.0340 4136 EapHost - ok
08:34:51.0503 4136 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
08:34:51.0516 4136 ebdrv - ok
08:34:51.0610 4136 EFS (81951f51e318aecc2d68559e47485cc4) C:\Windows\System32\lsass.exe
08:34:51.0614 4136 EFS - ok
08:34:51.0654 4136 ehdrv (5412ed24fffca64e2f0168399b86c952) C:\Windows\system32\DRIVERS\ehdrv.sys
08:34:51.0657 4136 ehdrv - ok
08:34:51.0736 4136 ehRecvr (a8c362018efc87beb013ee28f29c0863) C:\Windows\ehome\ehRecvr.exe
08:34:51.0745 4136 ehRecvr - ok
08:34:51.0782 4136 ehSched (d389bff34f80caede417bf9d1507996a) C:\Windows\ehome\ehsched.exe
08:34:51.0784 4136 ehSched - ok
08:34:51.0898 4136 ekrn (ad4faade819e0da9933bea7c01d2c763) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
08:34:51.0913 4136 ekrn - ok
08:34:52.0003 4136 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
08:34:52.0010 4136 elxstor - ok
08:34:52.0052 4136 epfw (774babcb1144513dc86992003740b774) C:\Windows\system32\DRIVERS\epfw.sys
08:34:52.0055 4136 epfw - ok
08:34:52.0089 4136 EpfwLWF (2c22cc39309ee06ae870c183bf2a769d) C:\Windows\system32\DRIVERS\EpfwLWF.sys
08:34:52.0091 4136 EpfwLWF - ok
08:34:52.0110 4136 epfwwfp (2b4e5f01a4e786b422f4d617b51fa7d9) C:\Windows\system32\DRIVERS\epfwwfp.sys
08:34:52.0112 4136 epfwwfp - ok
08:34:52.0133 4136 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys
08:34:52.0134 4136 ErrDev - ok
08:34:52.0183 4136 EventSystem (f6916efc29d9953d5d0df06882ae8e16) C:\Windows\system32\es.dll
08:34:52.0189 4136 EventSystem - ok
08:34:52.0211 4136 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
08:34:52.0212 4136 exfat - ok
08:34:52.0236 4136 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
08:34:52.0239 4136 fastfat - ok
08:34:52.0290 4136 Fax (967ea5b213e9984cbe270205df37755b) C:\Windows\system32\fxssvc.exe
08:34:52.0300 4136 Fax - ok
08:34:52.0353 4136 FCSAM (e214d616f8dfcfe21f38f9aa8b7b8077) c:\Program Files\Microsoft Forefront\Client Security\Client\Antimalware\MsMpEng.exe
08:34:52.0354 4136 FCSAM - ok
08:34:52.0384 4136 FcsSas (5e162feb08f6635f0348d250b98ac758) C:\Program Files\Microsoft Forefront\Client Security\Client\SSA\FcsSas.exe
08:34:52.0386 4136 FcsSas - ok
08:34:52.0402 4136 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
08:34:52.0403 4136 fdc - ok
08:34:52.0422 4136 fdPHost (f3222c893bd2f5821a0179e5c71e88fb) C:\Windows\system32\fdPHost.dll
08:34:52.0425 4136 fdPHost - ok
08:34:52.0441 4136 FDResPub (7dbe8cbfe79efbdeb98c9fb08d3a9a5b) C:\Windows\system32\fdrespub.dll
08:34:52.0444 4136 FDResPub - ok
08:34:52.0456 4136 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
08:34:52.0458 4136 FileInfo - ok
08:34:52.0475 4136 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
08:34:52.0476 4136 Filetrace - ok
08:34:52.0495 4136 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
08:34:52.0496 4136 flpydisk - ok
08:34:52.0520 4136 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
08:34:52.0524 4136 FltMgr - ok
08:34:52.0597 4136 FontCache (b3a5ec6b6b6673db7e87c2bcdbddc074) C:\Windows\system32\FntCache.dll
08:34:52.0611 4136 FontCache - ok
08:34:52.0690 4136 FontCache3.0.0.0 (e56f39f6b7fda0ac77a79b0fd3de1a2f) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
08:34:52.0692 4136 FontCache3.0.0.0 - ok
08:34:52.0707 4136 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
08:34:52.0709 4136 FsDepends - ok
08:34:52.0745 4136 Fs_Rec (7dae5ebcc80e45d3253f4923dc424d05) C:\Windows\system32\drivers\Fs_Rec.sys
08:34:52.0747 4136 Fs_Rec - ok
08:34:52.0784 4136 fvevol (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys
08:34:52.0787 4136 fvevol - ok
08:34:52.0818 4136 fwkbdrtm (1587bd21f05076687d2896396fcbab7d) C:\Windows\system32\drivers\fwkbdrtm.sys
08:34:52.0819 4136 fwkbdrtm - ok
08:34:52.0845 4136 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
08:34:52.0847 4136 gagp30kx - ok
08:34:52.0903 4136 GoToAssist (8f6ae606eb0cc884ee12c41948424422) C:\Program Files\Citrix\GoToAssist\615\g2aservice.exe
08:34:52.0905 4136 GoToAssist - ok
08:34:52.0953 4136 gpsvc (e897eaf5ed6ba41e081060c9b447a673) C:\Windows\System32\gpsvc.dll
08:34:52.0965 4136 gpsvc - ok
08:34:52.0997 4136 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
08:34:52.0997 4136 hcw85cir - ok
08:34:53.0018 4136 HDAudBus (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\drivers\HDAudBus.sys
08:34:53.0020 4136 HDAudBus - ok
08:34:53.0039 4136 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
08:34:53.0041 4136 HidBatt - ok
08:34:53.0064 4136 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
08:34:53.0066 4136 HidBth - ok
08:34:53.0086 4136 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
08:34:53.0087 4136 HidIr - ok
08:34:53.0112 4136 hidserv (2bc6f6a1992b3a77f5f41432ca6b3b6b) C:\Windows\system32\hidserv.dll
08:34:53.0116 4136 hidserv - ok
08:34:53.0128 4136 HidUsb (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\DRIVERS\hidusb.sys
08:34:53.0129 4136 HidUsb - ok
08:34:53.0167 4136 hkmsvc (196b4e3f4cccc24af836ce58facbb699) C:\Windows\system32\kmsvc.dll
08:34:53.0168 4136 hkmsvc - ok
08:34:53.0200 4136 HomeGroupListener (6658f4404de03d75fe3ba09f7aba6a30) C:\Windows\system32\ListSvc.dll
08:34:53.0206 4136 HomeGroupListener - ok
08:34:53.0241 4136 HomeGroupProvider (dbc02d918fff1cad628acbe0c0eaa8e8) C:\Windows\system32\provsvc.dll
08:34:53.0249 4136 HomeGroupProvider - ok
08:34:53.0269 4136 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys
08:34:53.0271 4136 HpSAMD - ok
08:34:53.0317 4136 HTTP (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys
08:34:53.0325 4136 HTTP - ok
08:34:53.0345 4136 hwpolicy (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys
08:34:53.0345 4136 hwpolicy - ok
08:34:53.0369 4136 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\drivers\i8042prt.sys
08:34:53.0371 4136 i8042prt - ok
08:34:53.0416 4136 iaStor (f4037a3fedb92dd97c95f320766ea5c9) C:\Windows\system32\DRIVERS\iaStor.sys
08:34:53.0422 4136 iaStor - ok
08:34:53.0463 4136 iaStorV (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\Windows\system32\drivers\iaStorV.sys
08:34:53.0470 4136 iaStorV - ok
08:34:53.0561 4136 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
08:34:53.0564 4136 IDriverT - ok
08:34:53.0670 4136 idsvc (c521d7eb6497bb1af6afa89e322fb43c) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
08:34:53.0684 4136 idsvc - ok
08:34:54.0253 4136 igfx (398b3e63a5ed485c5bee4b575dec4bb4) C:\Windows\system32\DRIVERS\igdkmd32.sys
08:34:54.0296 4136 igfx - ok
08:34:54.0391 4136 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
08:34:54.0393 4136 iirsp - ok
08:34:54.0451 4136 IKEEXT (f95622f161474511b8d80d6b093aa610) C:\Windows\System32\ikeext.dll
08:34:54.0465 4136 IKEEXT - ok
08:34:54.0493 4136 IntcDAud (5576ad2f0039d2bccca3567fc0bf981c) C:\Windows\system32\DRIVERS\IntcDAud.sys
08:34:54.0494 4136 IntcDAud - ok
08:34:54.0517 4136 Intel® PROSet Monitoring Service (f2c6fb081b707863a0a21d639f325475) C:\Windows\system32\IProsetMonitor.exe
08:34:54.0523 4136 Intel® PROSet Monitoring Service - ok
08:34:54.0543 4136 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys
08:34:54.0544 4136 intelide - ok
08:34:54.0566 4136 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
08:34:54.0569 4136 intelppm - ok
08:34:54.0601 4136 IPBusEnum (acb364b9075a45c0736e5c47be5cae19) C:\Windows\system32\ipbusenum.dll
08:34:54.0606 4136 IPBusEnum - ok
08:34:54.0625 4136 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
08:34:54.0627 4136 IpFilterDriver - ok
08:34:54.0666 4136 iphlpsvc (4d65a07b795d6674312f879d09aa7663) C:\Windows\System32\iphlpsvc.dll
08:34:54.0677 4136 iphlpsvc - ok
08:34:54.0711 4136 IPMIDRV (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys
08:34:54.0714 4136 IPMIDRV - ok
08:34:54.0729 4136 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
08:34:54.0731 4136 IPNAT - ok
08:34:54.0746 4136 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
08:34:54.0748 4136 IRENUM - ok
08:34:54.0773 4136 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys
08:34:54.0775 4136 isapnp - ok
08:34:54.0808 4136 iScsiPrt (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys
08:34:54.0812 4136 iScsiPrt - ok
08:34:54.0903 4136 jhi_service (3b794ca0de73790420deba3c759f1502) C:\Program Files\Intel\Services\IPT\jhi_service.exe
08:34:54.0908 4136 jhi_service - ok
08:34:54.0925 4136 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\drivers\kbdclass.sys
08:34:54.0927 4136 kbdclass - ok
08:34:54.0944 4136 kbdhid (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\drivers\kbdhid.sys
08:34:54.0946 4136 kbdhid - ok
08:34:54.0976 4136 KeyIso (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
08:34:54.0980 4136 KeyIso - ok
08:34:55.0010 4136 KSecDD (b7895b4182c0d16f6efadeb8081e8d36) C:\Windows\system32\Drivers\ksecdd.sys
08:34:55.0012 4136 KSecDD - ok
08:34:55.0037 4136 KSecPkg (d30159ac9237519fbc62c6ec247d2d46) C:\Windows\system32\Drivers\ksecpkg.sys
08:34:55.0039 4136 KSecPkg - ok
08:34:55.0081 4136 KtmRm (89a7b9cc98d0d80c6f31b91c0a310fcd) C:\Windows\system32\msdtckrm.dll
08:34:55.0090 4136 KtmRm - ok
08:34:55.0131 4136 LanmanServer (d64af876d53eca3668bb97b51b4e70ab) C:\Windows\system32\srvsvc.dll
08:34:55.0140 4136 LanmanServer - ok
08:34:55.0170 4136 LanmanWorkstation (58405e4f68ba8e4057c6e914f326aba2) C:\Windows\System32\wkssvc.dll
08:34:55.0178 4136 LanmanWorkstation - ok
08:34:55.0206 4136 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
08:34:55.0208 4136 lltdio - ok
08:34:55.0241 4136 lltdsvc (5700673e13a2117fa3b9020c852c01e2) C:\Windows\System32\lltdsvc.dll
08:34:55.0247 4136 lltdsvc - ok
08:34:55.0267 4136 lmhosts (55ca01ba19d0006c8f2639b6c045e08b) C:\Windows\System32\lmhsvc.dll
08:34:55.0306 4136 lmhosts - ok
08:34:55.0423 4136 LMIGuardianSvc (2375e7e01635fbccde2f796a9e078e07) E:\Watcher\x86\LMIGuardianSvc.exe
08:34:55.0474 4136 LMIGuardianSvc - ok
08:34:55.0555 4136 LMIInfo (4f69faaabb7db0d43e327c0b6aab40fc) E:\Watcher\x86\RaInfo.sys
08:34:55.0612 4136 LMIInfo - ok
08:34:55.0671 4136 LMIMaint (b9c127273eaba403311854a8dcb6d0aa) E:\Watcher\x86\RaMaint.exe
08:34:55.0764 4136 LMIMaint - ok
08:34:55.0820 4136 lmimirr (4477689e2d8ae6b78ba34c9af4cc1ed1) C:\Windows\system32\DRIVERS\lmimirr.sys
08:34:55.0852 4136 lmimirr - ok
08:34:55.0854 4136 LMIRfsClientNP - ok
08:34:55.0866 4136 LMIRfsDriver (3faa563ddf853320f90259d455a01d79) C:\Windows\system32\drivers\LMIRfsDriver.sys
08:34:55.0882 4136 LMIRfsDriver - ok
08:34:55.0983 4136 LMS (db083f1d27ba8a59cabb00f0a0fb6f84) C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe
08:34:56.0042 4136 LMS - ok
08:34:56.0118 4136 LogMeIn (432618fa75b61059d2c57d6a7e55147a) E:\Watcher\x86\LogMeIn.exe
08:34:56.0198 4136 LogMeIn - ok
08:34:56.0234 4136 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
08:34:56.0277 4136 LSI_FC - ok
08:34:56.0286 4136 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
08:34:56.0307 4136 LSI_SAS - ok
08:34:56.0323 4136 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
08:34:56.0343 4136 LSI_SAS2 - ok
08:34:56.0352 4136 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
08:34:56.0376 4136 LSI_SCSI - ok
08:34:56.0399 4136 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
08:34:56.0421 4136 luafv - ok
08:34:56.0446 4136 Mcx2Svc (bfb9ee8ee977efe85d1a3105abef6dd1) C:\Windows\system32\Mcx2Svc.dll
08:34:56.0464 4136 Mcx2Svc - ok
08:34:56.0476 4136 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
08:34:56.0487 4136 megasas - ok
08:34:56.0508 4136 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
08:34:56.0521 4136 MegaSR - ok
08:34:56.0555 4136 MEI (d86ac00883b9c98b570e7643aaf8e554) C:\Windows\system32\DRIVERS\HECI.sys
08:34:56.0571 4136 MEI - ok
08:34:56.0597 4136 MMCSS (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
08:34:56.0627 4136 MMCSS - ok
08:34:56.0642 4136 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
08:34:56.0655 4136 Modem - ok
08:34:56.0679 4136 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
08:34:56.0705 4136 monitor - ok
08:34:56.0737 4136 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
08:34:56.0784 4136 mouclass - ok
08:34:56.0858 4136 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
08:34:56.0883 4136 mouhid - ok
08:34:56.0922 4136 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys
08:34:56.0923 4136 mountmgr - ok
08:34:56.0958 4136 MpFilter (efa85535eff4ed7f02ac6889267d9628) C:\Windows\system32\DRIVERS\MpFilter.sys
08:34:56.0968 4136 MpFilter - ok
08:34:56.0996 4136 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys
08:34:57.0029 4136 mpio - ok
08:34:57.0050 4136 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
08:34:57.0071 4136 mpsdrv - ok
08:34:57.0104 4136 MpsSvc (9835584e999d25004e1ee8e5f3e3b881) C:\Windows\system32\mpssvc.dll
08:34:57.0140 4136 MpsSvc - ok
08:34:57.0164 4136 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys
08:34:57.0178 4136 MRxDAV - ok
08:34:57.0210 4136 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys
08:34:57.0243 4136 mrxsmb - ok
08:34:57.0280 4136 mrxsmb10 (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys
08:34:57.0304 4136 mrxsmb10 - ok
08:34:57.0321 4136 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys
08:34:57.0346 4136 mrxsmb20 - ok
08:34:57.0360 4136 msahci (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys
08:34:57.0371 4136 msahci - ok
08:34:57.0396 4136 msdsm (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys
08:34:57.0411 4136 msdsm - ok
08:34:57.0437 4136 MSDTC (e1bce74a3bd9902b72599c0192a07e27) C:\Windows\System32\msdtc.exe
08:34:57.0457 4136 MSDTC - ok
08:34:57.0485 4136 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
08:34:57.0511 4136 Msfs - ok
08:34:57.0526 4136 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
08:34:57.0533 4136 mshidkmdf - ok
08:34:57.0547 4136 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys
08:34:57.0555 4136 msisadrv - ok
08:34:57.0574 4136 MSiSCSI (90f7d9e6b6f27e1a707d4a297f077828) C:\Windows\system32\iscsiexe.dll
08:34:57.0590 4136 MSiSCSI - ok
08:34:57.0591 4136 msiserver - ok
08:34:57.0609 4136 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
08:34:57.0620 4136 MSKSSRV - ok
08:34:57.0628 4136 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
08:34:57.0636 4136 MSPCLOCK - ok
08:34:57.0646 4136 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
08:34:57.0656 4136 MSPQM - ok
08:34:57.0670 4136 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
08:34:57.0700 4136 MsRPC - ok
08:34:57.0720 4136 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys
08:34:57.0732 4136 mssmbios - ok
08:34:57.0833 4136 MSSQL$WINCCFLEXEXPRESS - ok
08:34:57.0876 4136 MSSQLServerADHelper (1d89eb4e2a99cabd4e81225f4f4c4b25) c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe
08:34:57.0925 4136 MSSQLServerADHelper - ok
08:34:57.0928 4136 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
08:34:57.0935 4136 MSTEE - ok
08:34:57.0952 4136 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
08:34:57.0961 4136 MTConfig - ok
08:34:57.0975 4136 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
08:34:57.0990 4136 Mup - ok
08:34:58.0024 4136 napagent (61d57a5d7c6d9afe10e77dae6e1b445e) C:\Windows\system32\qagentRT.dll
08:34:58.0040 4136 napagent - ok
08:34:58.0092 4136 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
08:34:58.0134 4136 NativeWifiP - ok
08:34:58.0204 4136 NDIS (3723262737d90f58059ceda7373b0387) C:\Windows\system32\drivers\ndis.sys
08:34:58.0241 4136 NDIS - ok
08:34:58.0263 4136 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
08:34:58.0298 4136 NdisCap - ok
08:34:58.0315 4136 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
08:34:58.0327 4136 NdisTapi - ok
08:34:58.0356 4136 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys
08:34:58.0403 4136 Ndisuio - ok
08:34:58.0425 4136 NdisWan (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys
08:34:58.0453 4136 NdisWan - ok
08:34:58.0480 4136 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys
08:35:26.0125 4136 XatReg - ok
08:35:26.0157 4136 XATucp (9dd733b0d2fb6e06e049726629fd4f91) C:\Windows\system32\DRIVERS\XATucp.sys
08:35:26.0205 4136 XATucp - ok
08:35:26.0265 4136 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
08:35:26.0606 4136 \Device\Harddisk0\DR0 - ok
08:35:26.0612 4136 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR1
08:35:27.0095 4136 \Device\Harddisk1\DR1 - ok
08:35:27.0101 4136 Boot (0x1200) (49642e1eaddf4ec50e6426f4c4845153) \Device\Harddisk0\DR0\Partition0
08:35:27.0104 4136 \Device\Harddisk0\DR0\Partition0 - ok
08:35:27.0122 4136 Boot (0x1200) (971f73bd1b6088f971eae6d526234010) \Device\Harddisk0\DR0\Partition1
08:35:27.0126 4136 \Device\Harddisk0\DR0\Partition1 - ok
08:35:27.0159 4136 Boot (0x1200) (c72bef761ffe681b5a4003e8962ff015) \Device\Harddisk0\DR0\Partition2
08:35:27.0163 4136 \Device\Harddisk0\DR0\Partition2 - ok
08:35:27.0169 4136 Boot (0x1200) (350c89e57f9cc4afe580ab2db6e8702d) \Device\Harddisk1\DR1\Partition0
08:35:27.0174 4136 \Device\Harddisk1\DR1\Partition0 - ok
08:35:27.0176 4136 ============================================================
08:35:27.0176 4136 Scan finished
08:35:27.0176 4136 ============================================================
08:35:27.0193 0716 Detected object count: 0
08:35:27.0193 0716 Actual detected object count: 0

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-07-16 08:37:02
-----------------------------
08:37:02.191 OS Version: Windows 6.1.7601 Service Pack 1
08:37:02.191 Number of processors: 4 586 0x2A07
08:37:02.192 ComputerName: (private) UserName:
08:37:03.163 Initialize success
08:42:02.031 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
08:42:02.033 Disk 0 Vendor: ST932042 D005 Size: 305245MB BusType: 8
08:42:02.036 Disk 0 MBR read successfully
08:42:02.037 Disk 0 MBR scan
08:42:02.038 Disk 0 Windows VISTA default MBR code
08:42:02.040 Disk 0 Partition 1 00 DE Dell Utility DELL 4.1 39 MB offset 63
08:42:02.051 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 752 MB offset 81920
08:42:02.059 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 279452 MB offset 1622016
08:42:02.061 Disk 0 Partition - 00 0F Extended LBA 25000 MB offset 573939712
08:42:02.104 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 8000 MB offset 573941760
08:42:02.119 Disk 0 scanning sectors +625139712
08:42:02.208 Disk 0 scanning C:\Windows\system32\drivers
08:42:15.534 Service scanning
08:42:33.521 Modules scanning
08:42:44.083 Disk 0 trace - called modules:
08:42:44.114 ntkrnlpa.exe CLASSPNP.SYS disk.sys stdcfltn.sys ACPI.sys halmacpi.dll iaStor.sys
08:42:44.117 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x87faf030]
08:42:44.120 3 CLASSPNP.SYS[8c1da59e] -> nt!IofCallDriver -> [0x87fae618]
08:42:44.133 5 stdcfltn.sys[8c3cd896] -> nt!IofCallDriver -> [0x864a7958]
08:42:44.146 7 ACPI.sys[8ba883d4] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x86469028]
08:42:44.153 Scan finished successfully
08:43:02.650 Disk 0 MBR has been saved successfully to "C:\MBR.dat"
08:43:02.655 The log file has been saved successfully to "C:\aswMBR.txt"


Looks like the ESET scan stalled the first time. No export button option that I can see...but it doesn't seem to have found anything. 0 infected 0 cleaned ~213k files scanned.

Edited by grim22x7, 16 July 2012 - 03:23 PM.


#4 narenxp


Posted 16 July 2012 - 07:56 PM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan MBAM once in regular mode until you get a clean log


Download

systemlook

Launch it and copy this script and paste in the BOX

:filefind
services.exe

Click on LOOK, post the generated log

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Edited by narenxp, 16 July 2012 - 07:57 PM.


#5 grim22x7


Posted 17 July 2012 - 06:42 PM

Below are the logs. I've edited out some information (clearly); it's not relevant, and it would suck if my bosses found out I wasn't using the IT mentioned above.

Malwarebytes Anti-Malware (Trial) 1.62.0.1300
www.malwarebytes.org

Database version: v2012.07.17.12

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
(private) :: (private) [administrator]

Protection: Enabled

7/17/2012 3:11:41 PM
mbam-log-2012-07-17 (15-11-41).txt

Scan type: Full scan (C:\|E:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 460625
Time elapsed: 1 hour(s), 48 minute(s), 56 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

SystemLook 30.07.11 by jpshortstuff
Log created at 17:52 on 17/07/2012 by (private)
(Limited User)

========== filefind ==========

Searching for "services.exe"
C:\Users\(private)\Documents\LGV\Beckhoff_OS\CX1800-0202-0002v135a\WINDOWS\system32\services.exe --a---- 108032 bytes [20:04 21/06/2011] [16:44 13/10/2006] C6CE6EEC82F187615D1002BB3BB50ED4
C:\Windows\System32\services.exe --a---- 259072 bytes [23:11 13/07/2009] [01:14 14/07/2009] 5F1B6A9C35D3D5CA72D6D6FDEF9747D6
C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe --a---- 259072 bytes [23:11 13/07/2009] [01:14 14/07/2009] 5F1B6A9C35D3D5CA72D6D6FDEF9747D6

-= EOF =-



MiniToolBox by Farbar Version: 15-07-2012
Ran by (private) (administrator) on 17-07-2012 at 18:20:15
Microsoft Windows 7 Professional Service Pack 1 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================



There are 15055 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================

DW1501 Wireless-N WLAN Half-Mini Card = Wireless Network Connection (Connected)
Aventail VPN Adapter = Local Area Connection 3 (Connected)
Cisco Systems VPN Adapter = Local Area Connection 2 (Hardware not present)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 3 (Hardware not present)
Intel® 82579LM Gigabit Network Connection = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled taskoffload=disabled
set interface interface="Local Area Connection" forwarding=disabled advertise=disabled mtu=1300 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled
set interface interface="Wireless Network Connection" forwarding=disabled advertise=disabled mtu=1300 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled
set interface interface="Local Area Connection 2" forwarding=disabled advertise=disabled mtu=1300 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled
add address name="Local Area Connection" address=192.123.14.128 mask=255.255.255.0


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : (private)
Primary Dns Suffix . . . . . . . : (private)
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : (private)

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : DW1501 Wireless-N WLAN Half-Mini Card
Physical Address. . . . . . . . . : EC-55-F9-55-50-C9
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::20c7:ae29:6871:729%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.4(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Tuesday, July 17, 2012 5:46:53 PM
Lease Expires . . . . . . . . . . : Wednesday, July 18, 2012 5:46:57 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 250369529
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-3F-5C-91-5C-26-0A-4B-CF-54
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® 82579LM Gigabit Network Connection
Physical Address. . . . . . . . . : 5C-26-0A-4B-CF-54
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{E9EB86D0-A8FB-461B-A089-477E483082F0}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{FB6C1979-5A49-4FBE-A305-25A32B9A6410}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter 6TO4 Adapter:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fd:207d:2a81:3f57:fefb(Preferred)
Link-local IPv6 Address . . . . . : fe80::207d:2a81:3f57:fefb%24(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: webapi.nvtl
Address: 192.168.1.1

Name: google.com
Addresses: 2001:4860:b007::8b
209.85.225.102
209.85.225.113
209.85.225.138
209.85.225.139
209.85.225.100
209.85.225.101


Pinging google.com [209.85.225.101] with 32 bytes of data:
Reply from 209.85.225.101: bytes=32 time=405ms TTL=50
Reply from 209.85.225.101: bytes=32 time=717ms TTL=50

Ping statistics for 209.85.225.101:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 405ms, Maximum = 717ms, Average = 561ms
Server: webapi.nvtl
Address: 192.168.1.1

Name: yahoo.com
Addresses: 209.191.122.70
72.30.38.140
98.139.183.24


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=1016ms TTL=47
Reply from 98.139.183.24: bytes=32 time=1330ms TTL=47

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 1016ms, Maximum = 1330ms, Average = 1173ms
Server: webapi.nvtl
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=3ms TTL=128
Reply from 127.0.0.1: bytes=32 time=2ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 2ms, Maximum = 3ms, Average = 2ms
===========================================================================
Interface List
11...ec 55 f9 55 50 c9 ......DW1501 Wireless-N WLAN Half-Mini Card
10...5c 26 0a 4b cf 54 ......Intel® 82579LM Gigabit Network Connection
1...........................Software Loopback Interface 1
28...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
30...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
27...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
24...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.4 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.4 281
192.168.1.4 255.255.255.255 On-link 192.168.1.4 281
192.168.1.255 255.255.255.255 On-link 192.168.1.4 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.4 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.4 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
24 58 ::/0 On-link
1 306 ::1/128 On-link
24 58 2001::/32 On-link
24 306 2001:0:5ef5:79fd:207d:2a81:3f57:fefb/128
On-link
11 281 fe80::/64 On-link
24 306 fe80::/64 On-link
24 306 fe80::207d:2a81:3f57:fefb/128
On-link
11 281 fe80::20c7:ae29:6871:729/128
On-link
1 306 ff00::/8 On-link
24 306 ff00::/8 On-link
11 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 07 C:\Windows\System32\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 08 C:\Windows\System32\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 29 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 30 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 31 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 32 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 33 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 34 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 35 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 36 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 37 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 38 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 39 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 40 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 41 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 42 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (07/17/2012 03:08:23 PM) (Source: TwinCAT System Service) (User: )
Description: TwinCAT System Message: Source: TCOM Server; Timestamp: 7/17/2012 3:08:23 PM 563 ms Message: Dispositivo 1 (EtherCAT) (Adapt: Failed to connect to network adapater!

Error: (07/17/2012 03:08:23 PM) (Source: TwinCAT System Service) (User: )
Description: Sending ams command >> Init12\IO: Set State TComObj SAFEOP: Set Objects (2) to SAFEOP >> AdsWarning: 1823 (0x71f, ADS ERROR: device aborted the action) << failed%!

Error: (07/17/2012 09:43:23 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (07/17/2012 08:31:35 AM) (Source: Application Error) (User: )
Description: Faulting application name: s7oiehsx.exe, version: 800.400.102.3, time stamp: 0x4978880b
Faulting module name: s7oiehsx.exe, version: 800.400.102.3, time stamp: 0x4978880b
Exception code: 0xc0000005
Fault offset: 0x000365e3
Faulting process id: 0x990
Faulting application start time: 0xs7oiehsx.exe0
Faulting application path: s7oiehsx.exe1
Faulting module path: s7oiehsx.exe2
Report Id: s7oiehsx.exe3

Error: (07/16/2012 08:21:48 PM) (Source: Software Protection Platform Service) (User: )
Description: Acquisition of genuine ticket failed (hr=0x80072EE7) for template Id 66c92734-d682-4d71-983e-d6ec3f16059f

Error: (07/16/2012 08:21:48 PM) (Source: Software Protection Platform Service) (User: )
Description: License acquisition failure details.
hr=0x80072EE7

Error: (07/16/2012 02:39:26 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (07/16/2012 08:27:19 AM) (Source: TwinCAT System Service) (User: )
Description: TwinCAT System Message: Source: TCOM Server; Timestamp: 7/16/2012 8:27:19 AM 538 ms Message: Dispositivo 1 (EtherCAT) (Adapt: Failed to connect to network adapater!

Error: (07/16/2012 08:27:19 AM) (Source: TwinCAT System Service) (User: )
Description: Sending ams command >> Init12\IO: Set State TComObj SAFEOP: Set Objects (2) to SAFEOP >> AdsWarning: 1823 (0x71f, ADS ERROR: device aborted the action) << failed%!

Error: (07/15/2012 04:59:30 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.


System errors:
=============
Error: (07/17/2012 05:46:59 PM) (Source: Service Control Manager) (User: )
Description: The UPnP Device Host service depends the following service: SSDPSRV. This service might not be installed.

Error: (07/17/2012 05:46:59 PM) (Source: Service Control Manager) (User: )
Description: The UPnP Device Host service depends the following service: SSDPSRV. This service might not be installed.

Error: (07/17/2012 05:46:59 PM) (Source: WMPNetworkSvc) (User: )
Description: WMPNetworkSvc0x80070424

Error: (07/17/2012 04:08:09 PM) (Source: Service Control Manager) (User: )
Description: The UPnP Device Host service depends the following service: SSDPSRV. This service might not be installed.

Error: (07/17/2012 04:08:09 PM) (Source: Service Control Manager) (User: )
Description: The UPnP Device Host service depends the following service: SSDPSRV. This service might not be installed.

Error: (07/17/2012 04:08:09 PM) (Source: WMPNetworkSvc) (User: )
Description: WMPNetworkSvc0x80070424

Error: (07/17/2012 04:08:07 PM) (Source: Service Control Manager) (User: )
Description: The UPnP Device Host service depends the following service: SSDPSRV. This service might not be installed.

Error: (07/17/2012 04:08:07 PM) (Source: Service Control Manager) (User: )
Description: The UPnP Device Host service depends the following service: SSDPSRV. This service might not be installed.

Error: (07/17/2012 04:08:07 PM) (Source: WMPNetworkSvc) (User: )
Description: WMPNetworkSvc0x80070424

Error: (07/17/2012 03:16:29 PM) (Source: Service Control Manager) (User: )
Description: The UPnP Device Host service depends the following service: SSDPSRV. This service might not be installed.


Microsoft Office Sessions:
=========================
Error: (07/17/2012 03:08:23 PM) (Source: TwinCAT System Service)(User: )
Description: TCOM Server7/17/2012 3:08:23 PM 563 msDispositivo 1 (EtherCAT) (Adapt: Failed to connect to network adapater!

Error: (07/17/2012 03:08:23 PM) (Source: TwinCAT System Service)(User: )
Description: Init12\IO: Set State TComObj SAFEOP: Set Objects (2) to SAFEOP >> AdsWarning: 1823 (0x71f, ADS ERROR: device aborted the action)

Error: (07/17/2012 09:43:23 AM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\O2Micro\Oz600\DPInst64.exe

Error: (07/17/2012 08:31:35 AM) (Source: Application Error)(User: )
Description: s7oiehsx.exe800.400.102.34978880bs7oiehsx.exe800.400.102.34978880bc0000005000365e399001cd6356b11ed415C:\Program Files\Common Files\Siemens\S7IEPG\s7oiehsx.exeC:\Program Files\Common Files\Siemens\S7IEPG\s7oiehsx.exeba4a9c9e-d013-11e1-bce7-5c260a4bcf54

Error: (07/16/2012 08:21:48 PM) (Source: Software Protection Platform Service)(User: )
Description: hr=0x80072EE766c92734-d682-4d71-983e-d6ec3f16059f

Error: (07/16/2012 08:21:48 PM) (Source: Software Protection Platform Service)(User: )
Description: hr=0x80072EE700010001(0x00000000, 20:21:45:694 - http://go.microsoft.com/fwlink/?LinkId=151642)
00020001(0x00000000, 20:21:45:695)
00030001(0x00000000, 20:21:45:695 - http://go.microsoft.com)
00030002(0x00000000, 20:21:45:695 - 0)
00040001(0x00000000, 20:21:45:695 - http://go.microsoft.com)
00040002(0x00000000, 20:21:45:702 - 1, <NULL>, <NULL>, <NULL>)
00040004(0x80072F94, 20:21:48:256 - <NULL>)
00040006(0x00000000, 20:21:48:256 - 1, http://go.microsoft.com, <NULL>, <local>)
00020005(0x00000000, 20:21:48:256 - 0)
00020007(0x80072EE7, 20:21:48:258)
00010002(0x80072EE7, 20:21:48:258 - <NULL>)
00010003(0x80072EE7, 20:21:48:258)

Error: (07/16/2012 02:39:26 PM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\O2Micro\Oz600\DPInst64.exe

Error: (07/16/2012 08:27:19 AM) (Source: TwinCAT System Service)(User: )
Description: TCOM Server7/16/2012 8:27:19 AM 538 msDispositivo 1 (EtherCAT) (Adapt: Failed to connect to network adapater!

Error: (07/16/2012 08:27:19 AM) (Source: TwinCAT System Service)(User: )
Description: Init12\IO: Set State TComObj SAFEOP: Set Objects (2) to SAFEOP >> AdsWarning: 1823 (0x71f, ADS ERROR: device aborted the action)

Error: (07/15/2012 04:59:30 AM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\O2Micro\Oz600\DPInst64.exe


=========================== Installed Programs ============================

AccelerometerP11 (Version: 2.00.10.21)
Adobe Acrobat X Standard - English, Français, Deutsch (Version: 10.1.3)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.265)
Aventail Connect (Version: 10.4.22)
BioAPI Framework (Version: 1.0.2)
CDS 3.6.3 (Version: 3.6.3)
Cisco EAP-FAST Module (Version: 2.2.14)
Cisco LEAP Module (Version: 1.0.19)
Cisco PEAP Module (Version: 1.1.6)
Cisco Systems VPN Client 5.0.07.0290 (Version: 5.0.6)
Click to Call with Skype (Version: 5.5.8013)
Composer for Windows
Core Temp version 0.99.8 (Version: 0.99.8)
Custom (Version: 12.34.56.789)
CWGenericBase-Runtime Setup (Version: 1.0.0)
CyberLink PowerDVD 9.5 (Version: 9.5.1.3225)
D3DX10 (Version: 15.4.2368.0902)
dACi-BPS
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dell ControlVault Host Components Installer (Version: 2.0.20.159)
Dell Data Protection | Access (Version: 01.00.00.154)
Dell Data Protection | Access (Version: 2.0.00000.154)
Dell Data Protection | Access | Drivers (Version: 1.00.011)
Dell Data Protection | Access | Middleware (Version: 1.00.005)
Dell Edoc Viewer (Version: 1.0.0)
Dell System Manager (Version: 1.6.00000)
Dell Touchpad (Version: 7.1208.101.116)
Dell Webcam Central (Version: 1.40.28)
DellAccess (Version: 01.00.00.078)
DirectX 9 Runtime (Version: 1.00.0000)
Duet Flexi (Version: 2.4)
DW WLAN Card Utility (Version: 5.100.235.13)
eDrawings for Pro/ENGINEER (Version: 6.0.156)
EMBASSY Security Center (Version: 04.02.00.072)
ESET Online Scanner v3
ESET Smart Security (Version: 5.2.9.1)
Flexi Soft Designer (Version: 1.4.0.28)
Free RAR Extract Frog (Version: 3.20)
Gemalto (Version: 01.01.01.0000)
Google Chrome (Version: 13.0.782.112)
GoToAssist Corporate (Version: 9.1.0.615)
Hardware Support Package for KTP400 Basic KTP600 Basic V1.3 + SP1 (Version: 1.3.0100)
Information System (Version: 2.00)
Intel® Control Center (Version: 1.2.1.1007)
Intel® Identity Protection Technology 1.0.71.0 (Version: 1.0.71.0)
Intel® Management Engine Components (Version: 7.0.0.1144)
Intel® Network Connections 15.7.176.1 (Version: 15.7.176.1)
Intel® Processor Graphics (Version: 8.15.10.2347)
IXXAT VCI 2.18.4.2308 (Version: 2.18.4.2308)
IXXAT VCI 3.3.4.2765 (Version: 3.3.4.2765)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 10 (Version: 6.0.100)
Java™ 6 Update 31 (Version: 6.0.310)
Junk Mail filter update (Version: 15.4.3502.0922)
LogMeIn (Version: 4.1.2138)
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
MDM 6.04.41
Mesh Runtime (Version: 15.4.5722.2)
Messenger Companion (Version: 15.4.3502.0922)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Forefront Client Security Antimalware Service (Version: 1.5.1993.0)
Microsoft Forefront Client Security State Assessment Service (Version: 1.0.1703.0)
Microsoft IntelliPoint 8.1 (Version: 8.15.406.0)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Primary Interoperability Assemblies 2005 (Version: 8.0.50727.42)
Microsoft redistributable runtime DLLs VS2005 SP1(x86) (Version: 8.0.50727.4053)
Microsoft redistributable runtime DLLs VS2008 SP1(x86) (Version: 9.0)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft SQL Server 2005 Express Edition (WINCCFLEXEXPRESS) (Version: 9.4.5000.00)
Microsoft SQL Server 2008 R2 Setup (English) (Version: 10.50.1600.1)
Microsoft SQL Server 2008 Setup Support Files (Version: 10.1.2731.0)
Microsoft SQL Server Browser (Version: 10.50.1600.1)
Microsoft SQL Server Native Client (Version: 9.00.5000.00)
Microsoft SQL Server Setup Support Files (English) (Version: 9.00.5000.00)
Microsoft SQL Server VSS Writer (Version: 10.50.1600.1)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
MSVCRT (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML4.0 redistributable (Version: 4.0.0.0)
NetSetMan 3.4.2 (Version: 3.4.2)
Notepad++ (Version: 5.6.8)
NTRU TCG Software Stack (Version: 2.1.34)
O2Micro Flash Memory Card Windows Driver (Version: 3.0.07.23)
OPC .NET API 2.00 Redistributables (Version: 2.00.100)
PC-CCID (Version: 2.0.0)
PhotoShowExpress (Version: 2.0.063)
PKZIP Server for Windows 12.00.0014 (Version: 12.00.0014)
PL-2303 USB-to-Serial (Version: 1.2.10)
PLUS+1 GUIDE Drivers 1.1.12 (Version: 1.1.12)
PLUS+1 GUIDE Service Tool 5.0.8 (Version: 5.0.8)
Preboot Manager (Version: 03.02.00.066)
Private Information Manager (Version: 07.00.00.026)
Prosave V7.4 incl. SP4 (Version: 07.04.0400)
Prosave V7.4 SP4
Ralink RT7x Wireless LAN Card (Version: 1.5.4.0)
RK512 Communication DTM 1.4.0.28 (Version: 1.4.0.28)
Roxio Activation Module (Version: 1.0)
Roxio BackOnTrack (Version: 1.3.3)
Roxio Burn (Version: 1.8)
Roxio Creator Starter (Version: 1.0.439)
Roxio Creator Starter (Version: 12.1.77.0)
Roxio Creator Starter (Version: 5.0.0)
Roxio Express Labeler 3 (Version: 3.2.2)
Roxio File Backup (Version: 1.3.2)
SAP GUI for Windows 7.20 (Version: 7.20 Compilation 2)
Setting and Monitoring Tool
SICK CDSDTM 3.6.6.19 (Version: 3.6.6.19)
SICK Shared
Siemens Automation License Manager V4.0
Siemens Automation License Manager V4.0 (Version: 04.00.0000)
SIMATIC Device Drivers (Version: 08.00.0400)
SIMATIC HMI License Manager Panel Plugin (Version: 1.3.0)
SIMATIC HMI ProSave (Version: 7.4.4.0)
SIMATIC HMI Symbol Library (Version: 01.07.0000)
SIMATIC LanguageSupportTool (Version: 05.07.0200)
SIMATIC Version View (Version: 01.07.0300)
SIMATIC WinCC flexible 2008 SP1 (Version: 1.3.1.0)
SIMATIC WinCC flexible OCX (Version: 01.03.0100)
SIMATIC WinCC flexible Runtime 2008 SP1
SIMATIC WinCC flexible Runtime 2008 SP1 (Version: 01.03.0100)
SIMATIC WinCC flexible Simulator (Version: 01.00.0003)
SIMATIC WinCC flexible Tag Simulator (Version: 1.3)
Skype™ 5.5 (Version: 5.5.113)
Smart (Version: 1.0.0)
SMART 4.0.1
SmartSim (Version: 1.0.0)
Sonic CinePlayer Decoder Pack (Version: 4.3.0)
SOPAS Engineering Tool (Version: 2.22.1000)
SPBA 5.9 (Version: 5.9.4.6686)
Spybot - Search & Destroy (Version: 1.6.2)
SQLite Expert Personal 2.3.8
TCP/IP Manager 3.0.2 (Build 16) (Version: 3.0.2 (Build 16))
TeamViewer 6 (Version: 6.0.10722)
Trusted Drive Manager (Version: 4.0.0.512)
TwinCAT (Version: 2.11.000)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Upek Touchchip Fingerprint Reader (Version: 1.2.004)
VLC media player 2.0.1 (Version: 2.0.1)
Wave Infrastructure Installer (Version: 07.02.40.0008)
Wave Support Software Installer (Version: 05.12.00.012)
WinCC flexible (Version: 01.03.0000)
WinCC flexible Graphics (Version: 1.3.0000)
Windows Driver Package - Dell Inc. PBADRV System (09/11/2009 1.0.1.6) (Version: 09/11/2009 1.0.1.6)
Windows Driver Package - FTDI CDM Driver Package (06/27/2007 2.02.04) (Version: 06/27/2007 2.02.04)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3508.1109)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows XP Mode (Version: 1.3.7600.16423)

========================= Memory info: ===================================

Percentage of memory in use: 59%
Total physical RAM: 3240.9 MB
Available physical RAM: 1300.1 MB
Total Pagefile: 6480.08 MB
Available Pagefile: 4483.82 MB
Total Virtual: 2047.88 MB
Available Virtual: 1936.54 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:272.9 GB) (Free:136.78 GB) NTFS
3 Drive e: (wincc) (Fixed) (Total:7.81 GB) (Free:7.02 GB) NTFS

========================= Users: ========================================

User accounts for \\(private)

Administrator (private) Guest
IT


**** End of log ****

#6 grim22x7

grim22x7
  • Topic Starter


Posted 17 July 2012 - 06:47 PM

Oops missed that last scan result below.


Farbar Service Scanner Version: 08-07-2012
Ran by (private) (administrator) on 17-07-2012 at 18:44:22
Running from "C:\Users\(private)\Downloads"
Microsoft Windows 7 Professional Service Pack 1 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall"=DWORD:0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcore.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****

#7 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:08:38 AM

Posted 17 July 2012 - 09:03 PM

Download

SystemLook

Launch it, copy the script in the BOX

:reg
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SSDPSRV /s

Click on LOOK, post the generated log

#8 grim22x7

grim22x7
  • Topic Starter


Posted 19 July 2012 - 08:58 AM

SystemLook 30.07.11 by jpshortstuff
Log created at 08:54 on 19/07/2012 by (private)
(Limited User)

========== reg ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SSDPSRV]
"DisplayName"="@%systemroot%\system32\ssdpsrv.dll,-100"
"ImagePath"="%SystemRoot%\system32\svchost.exe -k LocalServiceAndNoImpersonation"
"Description"="@%systemroot%\system32\ssdpsrv.dll,-101"
"ObjectName"="NT AUTHORITY\LocalService"
"ErrorControl"= 0x0000000001 (1)
"Start"= 0x0000000003 (3)
"DependOnService"="HTTP_TwinCAT System Service"
"ServiceSidType"= 0x0000000001 (1)
"RequiredPrivileges"="SeChangeNotifyPrivilege SeCreateGlobalPrivilege"
"FailureActions"=80 51 01 00 00 00 00 00 00 00 00 00 03 00 00 00 14 00 00 00 01 00 00 00 64 00 00 00 01 00 00 00 64 00 00 00 00 00 00 00 00 00 00 00 (REG_BINARY)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SSDPSRV\Parameters]
"ServiceDll"="%SystemRoot%\System32\ssdpsrv.dll"
"ServiceDllUnloadOnStop"= 0x0000000001 (1)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SSDPSRV\Security]
"Security"=01 00 04 80 9c 00 00 00 a8 00 00 00 00 00 00 00 14 00 00 00 02 00 88 00 06 00 00 00 00 00 14 00 ff 01 0f 00 01 01 00 00 00 00 00 05 12 00 00 00 00 00 18 00 ff 01 0f 00 01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00 00 00 18 00 ff 01 0f 00 01 02 00 00 00 00 00 05 20 00 00 00 25 02 00 00 00 00 14 00 9d 00 02 00 01 01 00 00 00 00 00 05 04 00 00 00 00 00 14 00 fd 01 02 00 01 01 00 00 00 00 00 05 13 00 00 00 00 00 14 00 fd 01 02 00 01 01 00 00 00 00 00 05 14 00 00 00 01 01 00 00 00 00 00 05 12 00 00 00 01 01 00 00 00 00 00 05 12 00 00 00 (REG_BINARY)


-= EOF =-

#9 narenxp

narenxp

  • BC Advisor

Posted 19 July 2012 - 09:09 AM

Download

Hosts fix

Run it.

Download

TFC

Launch it, it will close all running programs

Click on START, it should ask for reboot

Turn off your system restore, restart the PC, create a new restore point

http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Update your JAVA from here

http://java.com/en/download/inc/windows_upgrade_xpi.jsp

Update your antivirus frequently, do not click on suspicious links

Safe surfing :)

#10 grim22x7

grim22x7
  • Topic Starter


Posted 19 July 2012 - 12:32 PM

During the TFC wipe, I received the error that I originally came to this board with. The scan finished before the one minute timer elapsed and seemed to restart explorer. But not the system. It jumped me to the login page. I tried to restart from there but the only thing that would happen is that the screen would blink. My work PC is not quite that quick. I tried logging in but it seemed that the program that handles the password verification was not running. I didn't get a good look at the error before, I believe, that 1 minute timer elapsed the machine did restart. I immediately started a MBAM scan and started writing this post. I did not get far enough to stop the auto restore points or make the new restore point.

#11 narenxp

narenxp

  • BC Advisor

Posted 19 July 2012 - 01:26 PM

Run TFC in safe mode and let me know

#12 grim22x7

grim22x7
  • Topic Starter


Posted 19 July 2012 - 03:02 PM

MBAM turned up nothing. ESET is running now. Are you sure turning off system restore is what you are wanting me to do? It seems that if you shut that off you can't make a new restore point.

#13 narenxp

narenxp

  • BC Advisor

Posted 19 July 2012 - 03:07 PM

I don't see any malware symptoms

It seems that if you shut that off you can't make a new restore point.

When you turn off a system restore, it deletes your previous restore points. You can create a new one.

#14 grim22x7

grim22x7
  • Topic Starter


Posted 19 July 2012 - 03:39 PM

So you wanted me to turn it off to delete the old points and then turn it back on to make a new one? If so then that is what I have done.

#15 narenxp

narenxp

  • BC Advisor

Posted 19 July 2012 - 03:55 PM

:thumbup2:



